<?php
# Do You Like My Hat?
# database.php
# General database access functions


# Database setup:
# Host: localhost
# Username: lifeprice_user
# Password: lifeprice
# Database name: lifeprice

# Connect to database
function db_connect() {
  mysql_connect('localhost', 'lifeprice_user', 'lifeprice') or
    die("Could not connect to database: " . nl2br(mysql_error()) );
  mysql_select_db('lifeprice') or
    die("Could not select database: " . nl2br(mysql_error()) );
}


# Disconnect from Database
function db_disconnect() {
  mysql_close();
}



# Takes in arbitary sql select query as $sql
# Returns an array of selected values
function query_select($sql) {

	db_connect();
  
	$handle = mysql_query($sql);
  
	if (!$handle) {
		# For error checking
		echo "Query: " . $sql . "<br />Failed with error: " . mysql_error();
    db_disconnect();
    exit;
		//return false;
	}
  
	# Build into array
	$a = array();
	while ($row = mysql_fetch_assoc($handle)) {
		$a[] = $row;
	}
  
	db_disconnect();
	
	# Return array
	return $a;
}



# Inserts a tuple into $tablename table
# $values should be an associative array of column names => value
# Returns the primary key of the tuple
function query_insert($tablename, $values){

	# Open database connect
	db_connect();

	# Build sql query
	$sql_string = "INSERT INTO " . $tablename . " (";
	$keys = array_keys($values);
	for($i = 0; $i < count($keys); $i++){
		$sql_string .= $keys[$i];
		if($i != count($keys) - 1) $sql_string .= ", ";
	}
	$sql_string .= ") VALUES (";
	for($i = 0; $i < count($values); $i++){
		if (is_numeric($values[$keys[$i]])){
			$sql_string .= sql_escape($values[$keys[$i]], false);
		}
		else{
			$sql_string .= "'" . sql_escape($values[$keys[$i]], false) . "'";
		}
		if($i != count($values) - 1) $sql_string .= ", ";
	}
	$sql_string .= ")";
	
	# Run generated sql query
	$handle = mysql_query($sql_string);
	if(!$handle){
		# For error checking
		echo "Insert Query: " . $sql_string . " failed with error . " . mysql_error();
		
		# Disconnect database
		db_disconnect();
		
    exit;
		//return false;
	}
	
	# Get primary key of last inserted tuple.
	$insert_id = mysql_insert_id();
	
	db_disconnect();
	
	return $insert_id;
}



# Updates a tuple by taking an arbitrary UPDATE statement
# Returns true if the update worked
# Returns false if there was a problem.
function query_update($sql){

  db_connect();
  
  $handle = mysql_query($sql);
  if(!$handle){
    echo "Query: " . $sql . "<br />Failed with error: " . mysql_error();
		db_disconnect();
    //return false;
    exit;
  }
  
  db_disconnect();
  
  return true;

}

# Deletes a tuple or set of tuples from a table
# $tablename is the table to delete from
# $id is the value of the id to delete by
# returns true on delete, false on fail
function query_delete_by_id($tablename, $id){

  db_connect();

  $sql = "DELETE FROM " . $tablename . " ";
  if(is_numeric($id)){
    $sql .= "WHERE id = " . $id;
    $handle = mysql_query($sql);
    if(!$handle){
      db_disconnect();
      //return false;
      exit;
    }
    else {
      db_disconnect();
      return true;
    }
  }
  else{
    db_disconnect();
    return false;
  }
  
}


# Runs mysql_real_escape_string anywhere without having to worry about the database
# Takes in an unsafe string $unsafe
# returns a safe string
function sql_escape($unsafe,$connect_to_database=true){
  
  # Check for magic_quotes
  if(get_magic_quotes_gpc()){
    $unsafe = stripslashes($unsafe);
  }
  
  # Connect to database to use mysql_real_escape_string
  if($connect_to_database){
    db_connect();
  }
  
  $safe = mysql_real_escape_string($unsafe);
  
  # Disconnect
  if($connect_to_database){
    db_disconnect();
  }
  
  return $safe;
  
}


?>
